package org.apereo.cas.authentication.attribute;

import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import java.nio.charset.StandardCharsets;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.stream.Collectors;
import javax.crypto.Cipher;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apereo.cas.CasProtocolConstants;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServicePublicKey;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.EncodingUtils;
import org.apereo.cas.util.scripting.ExecutableCompiledGroovyScript;
import org.apereo.cas.util.scripting.ScriptResourceCacheManager;
import org.apereo.cas.util.scripting.ScriptingUtils;
import org.apereo.cas.util.spring.ApplicationContextProvider;
import org.apereo.cas.web.flow.CasWebflowConstants;
import org.apereo.services.persondir.util.CaseCanonicalizationMode;
import org.jooq.lambda.Unchecked;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)
/* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-api-6.6.14.jar:org/apereo/cas/authentication/attribute/DefaultAttributeDefinition.class */
public class DefaultAttributeDefinition implements AttributeDefinition {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DefaultAttributeDefinition.class);
    private static final long serialVersionUID = 6898745248727445565L;
    private String key;
    private String name;
    private boolean scoped;
    private boolean encrypted;
    private String attribute;
    private String patternFormat;
    private String script;
    private String canonicalizationMode;

    @Generated
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-api-6.6.14.jar:org/apereo/cas/authentication/attribute/DefaultAttributeDefinition$DefaultAttributeDefinitionBuilder.class */
    public static abstract class DefaultAttributeDefinitionBuilder<C extends DefaultAttributeDefinition, B extends DefaultAttributeDefinitionBuilder<C, B>> {

        @Generated
        private String key;

        @Generated
        private String name;

        @Generated
        private boolean scoped;

        @Generated
        private boolean encrypted;

        @Generated
        private String attribute;

        @Generated
        private String patternFormat;

        @Generated
        private String script;

        @Generated
        private String canonicalizationMode;

        @Generated
        protected abstract B self();

        @Generated
        public abstract C build();

        @Generated
        public B key(String str) {
            this.key = str;
            return self();
        }

        @Generated
        public B name(String str) {
            this.name = str;
            return self();
        }

        @Generated
        public B scoped(boolean z) {
            this.scoped = z;
            return self();
        }

        @Generated
        public B encrypted(boolean z) {
            this.encrypted = z;
            return self();
        }

        @Generated
        public B attribute(String str) {
            this.attribute = str;
            return self();
        }

        @Generated
        public B patternFormat(String str) {
            this.patternFormat = str;
            return self();
        }

        @Generated
        public B script(String str) {
            this.script = str;
            return self();
        }

        @Generated
        public B canonicalizationMode(String str) {
            this.canonicalizationMode = str;
            return self();
        }

        @Generated
        public String toString() {
            return "DefaultAttributeDefinition.DefaultAttributeDefinitionBuilder(key=" + this.key + ", name=" + this.name + ", scoped=" + this.scoped + ", encrypted=" + this.encrypted + ", attribute=" + this.attribute + ", patternFormat=" + this.patternFormat + ", script=" + this.script + ", canonicalizationMode=" + this.canonicalizationMode + ")";
        }
    }

    @Generated
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-api-6.6.14.jar:org/apereo/cas/authentication/attribute/DefaultAttributeDefinition$DefaultAttributeDefinitionBuilderImpl.class */
    private static final class DefaultAttributeDefinitionBuilderImpl extends DefaultAttributeDefinitionBuilder<DefaultAttributeDefinition, DefaultAttributeDefinitionBuilderImpl> {
        @Generated
        private DefaultAttributeDefinitionBuilderImpl() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.apereo.cas.authentication.attribute.DefaultAttributeDefinition.DefaultAttributeDefinitionBuilder
        @Generated
        public DefaultAttributeDefinitionBuilderImpl self() {
            return this;
        }

        @Override // org.apereo.cas.authentication.attribute.DefaultAttributeDefinition.DefaultAttributeDefinitionBuilder
        @Generated
        public DefaultAttributeDefinition build() {
            return new DefaultAttributeDefinition(this);
        }
    }

    @Override // java.lang.Comparable
    public int compareTo(AttributeDefinition attributeDefinition) {
        return new CompareToBuilder().append(getKey(), attributeDefinition.getKey()).build().intValue();
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @JsonIgnore
    public List<Object> resolveAttributeValues(List<Object> list, String str, RegisteredService registeredService, Map<String, List<Object>> map) {
        List<Object> arrayList = new ArrayList(list);
        if (StringUtils.isNotBlank(getScript())) {
            arrayList = getScriptedAttributeValue(this.key, arrayList, registeredService, map);
        }
        if (isScoped()) {
            arrayList = formatValuesWithScope(str, arrayList);
        }
        if (StringUtils.isNotBlank(getPatternFormat())) {
            arrayList = formatValuesWithPattern(arrayList);
        }
        if (isEncrypted()) {
            arrayList = encryptValues(arrayList, registeredService);
        }
        if (StringUtils.isNotBlank(this.canonicalizationMode)) {
            CaseCanonicalizationMode valueOf = CaseCanonicalizationMode.valueOf(this.canonicalizationMode.toUpperCase());
            arrayList = (List) arrayList.stream().map(obj -> {
                return valueOf.canonicalize(obj.toString());
            }).collect(Collectors.toList());
        }
        LOGGER.trace("Resolved values [{}] for attribute definition [{}]", arrayList, this);
        return arrayList;
    }

    private static List<Object> formatValuesWithScope(String str, List<Object> list) {
        return (List) list.stream().map(obj -> {
            return String.format("%s@%s", obj, str);
        }).collect(Collectors.toCollection(ArrayList::new));
    }

    private static List<Object> encryptValues(List<Object> list, RegisteredService registeredService) {
        RegisteredServicePublicKey publicKey = registeredService.getPublicKey();
        if (publicKey == null) {
            LOGGER.error("No public key is defined for service [{}]. No attributes will be released", registeredService);
            return new ArrayList(0);
        }
        Cipher cipher = publicKey.toCipher();
        if (cipher != null) {
            return (List) list.stream().map(Unchecked.function(obj -> {
                LOGGER.trace("Encrypting attribute value [{}]", obj);
                String encodeBase64 = EncodingUtils.encodeBase64(cipher.doFinal(obj.toString().getBytes(StandardCharsets.UTF_8)));
                LOGGER.trace("Encrypted attribute value [{}]", encodeBase64);
                return encodeBase64;
            })).collect(Collectors.toCollection(ArrayList::new));
        }
        LOGGER.error("Unable to initialize cipher given the public key algorithm [{}]", publicKey.getAlgorithm());
        return new ArrayList(0);
    }

    private List<Object> formatValuesWithPattern(List<Object> list) {
        return (List) list.stream().map(obj -> {
            return MessageFormat.format(getPatternFormat(), obj);
        }).collect(Collectors.toCollection(ArrayList::new));
    }

    @JsonIgnore
    private List<Object> getScriptedAttributeValue(String str, List<Object> list, RegisteredService registeredService, Map<String, List<Object>> map) {
        LOGGER.trace("Locating attribute value via script for definition [{}]", this);
        Matcher matcherForInlineGroovyScript = ScriptingUtils.getMatcherForInlineGroovyScript(getScript());
        if (matcherForInlineGroovyScript.find()) {
            return fetchAttributeValueAsInlineGroovyScript(str, list, matcherForInlineGroovyScript.group(1), registeredService, map);
        }
        Matcher matcherForExternalGroovyScript = ScriptingUtils.getMatcherForExternalGroovyScript(getScript());
        return matcherForExternalGroovyScript.find() ? fetchAttributeValueFromExternalGroovyScript(str, list, matcherForExternalGroovyScript.group(), registeredService, map) : new ArrayList(0);
    }

    private static List<Object> fetchAttributeValueFromExternalGroovyScript(String str, List<Object> list, String str2, RegisteredService registeredService, Map<String, List<Object>> map) {
        ExecutableCompiledGroovyScript resolveScriptableResource;
        Optional<ScriptResourceCacheManager<String, ExecutableCompiledGroovyScript>> scriptResourceCacheManager = ApplicationContextProvider.getScriptResourceCacheManager();
        if (scriptResourceCacheManager.isPresent() && (resolveScriptableResource = scriptResourceCacheManager.get().resolveScriptableResource(str2, str, str2)) != null) {
            return fetchAttributeValueFromScript(resolveScriptableResource, str, list, registeredService, map);
        }
        LOGGER.warn("No groovy script cache manager is available to execute attribute mappings");
        return new ArrayList(0);
    }

    private static List<Object> fetchAttributeValueAsInlineGroovyScript(String str, List<Object> list, String str2, RegisteredService registeredService, Map<String, List<Object>> map) {
        Optional<ScriptResourceCacheManager<String, ExecutableCompiledGroovyScript>> scriptResourceCacheManager = ApplicationContextProvider.getScriptResourceCacheManager();
        if (scriptResourceCacheManager.isPresent()) {
            return fetchAttributeValueFromScript(scriptResourceCacheManager.get().resolveScriptableResource(str2, str, str2), str, list, registeredService, map);
        }
        LOGGER.warn("No groovy script cache manager is available to execute attribute mappings");
        return new ArrayList(0);
    }

    private static List<Object> fetchAttributeValueFromScript(ExecutableCompiledGroovyScript executableCompiledGroovyScript, String str, List<Object> list, RegisteredService registeredService, Map<String, List<Object>> map) {
        Map<String, Object> wrap = CollectionUtils.wrap("attributeName", Objects.requireNonNull(str), "attributeValues", list, "logger", LOGGER, CasWebflowConstants.ATTRIBUTE_REGISTERED_SERVICE, registeredService, CasProtocolConstants.VALIDATION_CAS_MODEL_ATTRIBUTE_NAME_ATTRIBUTES, map);
        executableCompiledGroovyScript.setBinding(wrap);
        return (List) executableCompiledGroovyScript.execute(wrap.values().toArray(), List.class);
    }

    @Generated
    protected DefaultAttributeDefinition(DefaultAttributeDefinitionBuilder<?, ?> defaultAttributeDefinitionBuilder) {
        this.key = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).key;
        this.name = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).name;
        this.scoped = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).scoped;
        this.encrypted = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).encrypted;
        this.attribute = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).attribute;
        this.patternFormat = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).patternFormat;
        this.script = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).script;
        this.canonicalizationMode = ((DefaultAttributeDefinitionBuilder) defaultAttributeDefinitionBuilder).canonicalizationMode;
    }

    @Generated
    public static DefaultAttributeDefinitionBuilder<?, ?> builder() {
        return new DefaultAttributeDefinitionBuilderImpl();
    }

    @Generated
    public String toString() {
        return "DefaultAttributeDefinition(key=" + this.key + ", name=" + this.name + ", scoped=" + this.scoped + ", encrypted=" + this.encrypted + ", attribute=" + this.attribute + ", patternFormat=" + this.patternFormat + ", script=" + this.script + ", canonicalizationMode=" + this.canonicalizationMode + ")";
    }

    @Generated
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof DefaultAttributeDefinition)) {
            return false;
        }
        DefaultAttributeDefinition defaultAttributeDefinition = (DefaultAttributeDefinition) obj;
        if (!defaultAttributeDefinition.canEqual(this)) {
            return false;
        }
        String str = this.key;
        String str2 = defaultAttributeDefinition.key;
        return str == null ? str2 == null : str.equals(str2);
    }

    @Generated
    protected boolean canEqual(Object obj) {
        return obj instanceof DefaultAttributeDefinition;
    }

    @Generated
    public int hashCode() {
        String str = this.key;
        return (1 * 59) + (str == null ? 43 : str.hashCode());
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public String getKey() {
        return this.key;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public String getName() {
        return this.name;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public boolean isScoped() {
        return this.scoped;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public boolean isEncrypted() {
        return this.encrypted;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public String getAttribute() {
        return this.attribute;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public String getPatternFormat() {
        return this.patternFormat;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public String getScript() {
        return this.script;
    }

    @Override // org.apereo.cas.authentication.attribute.AttributeDefinition
    @Generated
    public String getCanonicalizationMode() {
        return this.canonicalizationMode;
    }

    @Generated
    public void setKey(String str) {
        this.key = str;
    }

    @Generated
    public void setName(String str) {
        this.name = str;
    }

    @Generated
    public void setScoped(boolean z) {
        this.scoped = z;
    }

    @Generated
    public void setEncrypted(boolean z) {
        this.encrypted = z;
    }

    @Generated
    public void setAttribute(String str) {
        this.attribute = str;
    }

    @Generated
    public void setPatternFormat(String str) {
        this.patternFormat = str;
    }

    @Generated
    public void setScript(String str) {
        this.script = str;
    }

    @Generated
    public void setCanonicalizationMode(String str) {
        this.canonicalizationMode = str;
    }

    @Generated
    public DefaultAttributeDefinition(String str, String str2, boolean z, boolean z2, String str3, String str4, String str5, String str6) {
        this.key = str;
        this.name = str2;
        this.scoped = z;
        this.encrypted = z2;
        this.attribute = str3;
        this.patternFormat = str4;
        this.script = str5;
        this.canonicalizationMode = str6;
    }

    @Generated
    public DefaultAttributeDefinition() {
    }
}
